openrouter-video-gen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The included scripts explicitly fetch and act on openrouter.ai API responses (scripts/list_video_models.py calls https://openrouter.ai/api/v1/videos/models and scripts/generate_video.py POSTs to https://openrouter.ai/api/v1/videos, polls the returned polling_url, and downloads from returned unsigned_urls), so untrusted third-party JSON/URLs directly drive polling, downloads, and provider parameters used by the tool.